System and method for playback of copying-and-use-protected acoustic and image media

ABSTRACT

The invention relates to a system and to a method for playing copy-protected and utilization-protected electronic audio and video media and their data contents, whereby the data contents of the electronic media are encrypted in such a way they cannot be completely played or displayed without the execution of cryptographic processes. According to the invention, this objective is achieved in that, for playing purposes, a playback unit decrypts the data contents of electronic audio and video media that are supplied in entirely or partially encrypted or enciphered form by means of one or more “melody” keys for encrypting the data contents, said key being transmitted via a secure channel from an authentic source into the playback unit, and then said playback unit transfers these data contents from the digital domain into the analog domain in such a way that the data contents of the electronic audio and video media are not present at any point in time in unencrypted form as a digital data stream that can be copied.

The invention relates to a system and to a method for playingcopy-protected and utilization-protected electronic audio and videomedia and their data contents, whereby the data contents of theelectronic media are encrypted in such a way they cannot be completelyplayed or displayed without the execution of cryptographic processes.

It is known that so-called digital/analog transducers, D/A transducersfor short, are used to play digital electronic media, for example, inorder to convert a digital data stream that represents audio informationinto analog oscillations or signals that can be transmitted to aloudspeaker in an amplified form for purposes of conversion intoacoustic (air) oscillations. The same applies to the conversion intoanalog video signals for display, for example, by means of a televisiontube.

The function of a D/A transducer is to convert the data stream thatrepresents the audio and video information into analog signals asprecisely and error-free as possible, while avoiding self-generateddistortions. With a widespread modulation method, which has been in usesince the early 1980s in the compact disc system, the so-called“Pulse-Code-Modulation”, PCM for short, the digital data stream consistsof discrete, absolutely quantified amplitude values that exist for everysingle so-called sampling point in time. In the present case of acompact disc, this means that, per channel, there are 44,100 amplitudevalues per second with a value range of 16 bits (value range from 0 to65,535 or −32767 to +32767) in the data stream. According to theso-called sampling theorem of Nyquist, within the scope of the D/Aconversion, these discrete values can be employed to reconstruct thecourse of the curve of the later analog signal theoretically error-free,as long as the highest frequency occurring in the analog signal is atthe most half as much as the sampling frequency.

In spite of different models and modes of operation of D/A transducers,a characteristic feature of all of the transducers known so far is thatdigital data which represents an analog signal and from whichalgorithmic amplitude values can be calculated or generated within thescope of the conversion are fed in at the input of the D/A transducer.

All known playing devices for digital audio and video media in which D/Atransducers are used share the problem that it is not possible toreliably prevent the production of illegitimate copies of the datastream and thus of the audio and video media (so-called “piratedcopies”). At least immediately before the conversion, the digital datais present in a form that is referred to in cryptography circles as“plain text”, and accordingly, can be used bit by bit and byte by byteto create exact copies and thus also unauthorized pirated copies. Theplaying of copy-protected and utilization-protected electronic audio andvideo media is currently not known.

The invention is based on the objective of further improving existingsystems and methods for playing electronic audio and video media and thedata contents of the electronic media so that the data contents of theelectronic media are encrypted in such a manner that they cannot becompletely played or displayed without the execution of cryptographicprocesses.

According to the invention, this objective is achieved in that, forplaying purposes, a playback unit decrypts the data contents ofelectronic audio and video media that are supplied in entirely orpartially encrypted or enciphered form by means of one or more “melody”keys for encrypting the data contents, said key being transmitted via asecure channel from an authentic source into the playback unit, and thensaid playback unit transfers these data contents from the digital domaininto the analog domain in such a way that the data contents of theelectronic audio and video media are not present at any point in time inunencrypted form as a digital data stream that can be copied.

An advantageous embodiment of the method and a preferred embodiment ofthe system are characterized in that the transmission of the “melody”key or keys via a secure channel is secured by means of cryptographicencryption or enciphering.

It is advantageous here that the encryption or enciphering for thesecure transmission of the “melody” key or keys used for decrypting ordeciphering the data contents is carried out by means of a “media” keythat was received from a reliable, authentic source.

Moreover, it is advantageous here for the “media” key used fordecrypting or deciphering the “melody” key used for decrypting ordeciphering the data contents to be a “playback” key that is not usedregularly for playing the appertaining data contents.

Furthermore, it is advantageous here for the exchange of the “playback”key between the authentic source and the playback unit to be secured bya certificate of a reliable certification authority that can be verifiedby the opposite party.

An advantageous embodiment of the method and a preferred embodiment ofthe system are also characterized in that the authentic source of thekey is a cryptographic module that, after a decryption or deciphering ofthe electronic audio and video information stemming from the author,producer, processor or distributor or else their keys, once againencrypts or enciphers this information in such a way that only aplayback unit can decrypt or decipher it.

Here it is advantageous for the “playback” key that is used in thecryptographic module subsequent to a re-encrypting process forencrypting or enciphering the electronic audio and video media or elsethe key for decrypting or deciphering the electronic audio and videomedia to be transferred in advance reliably and authentically from thecryptographic module to the playback unit.

Moreover, it is advantageous for the “playback” key that is used in thecryptographic module for encrypting or enciphering the “melody” key orkeys to be generated in advance by the cryptographic module according tothe random principle or according to algorithms that make them moredifficult to predict.

It is also advantageous for the keys of the playback unit that are usedin the cryptographic module for encrypting or enciphering the “playback”key for transmission to the playback unit to differ from one playbackunit to the next.

Moreover, it is advantageous for the two data streams of the encryptedaudio and video media on the one hand, and the “melody” key or keys thatare to be decrypted with the decrypted “playback” key on the other hand,to only meet each other during the course of the actual digital-analogconversion so that a decrypted digital data stream of the audio andvideo data is not present.

Here, it is advantageous for the shift registers used for thedigital-analog conversion to be constructed in such a way that, in orderto convert their contents representing the audio and video signals, theyneed calibration information that is formed by the decrypted “melody”keys.

Additional advantages, special features and practical embodiments of theinvention ensue from the subclaims and from the presentation below ofpreferred embodiments.

The present method and system is to be introduced by several companiesin the media industry under the project designation “m.sec”. Below, thespecial features of m.sec are described.

With the advent of methods and systems for digital audio and videostorage, a new level of sound media piracy arose: through so-called“sampling”, the audio and video signals, which had previously existedonly in analog form, were unambiguously quantified within the scope ofdigitalization. Thanks to this unambiguous quantification, for example,in the form of bits and bytes with unambiguous values, perfect copiescould be produced for the first time which could no longer bedistinguished from the original and which thus suffered no qualitativedegradation.

After sound media piracy had already acquired a substantial scope in theform of illegally produced CD copies with the spread of the compactdisc, this piracy intensified even further with the advent of theInternet. Due to the large data volume, this was not so much a case ofCD copies or audio files in the CD format but rather, sound media piracywas facilitated by a new data format, with which—due to its greatcompressability—small files could be created that could easily beexchanged via the Internet: the so-called “MP3” format.

MP3 was particularly promoted by the Internet swap network “Napster”which—partially on the edge of legality and partially outside of thelaw—offered allegedly private exchange transactions between Internetusers in a public framework, thereby fostering the illegal transmissionof music titles to third parties.

At the latest since MP3 and Napster, the media industry has felt thatthere is a greater need for a new data format for audio and video data.M.sec meets this need by offering the following advantages:

-   -   Digital audio and video data is no longer published unencrypted        so that no perfect pirated copies of this original data can be        produced.    -   The audio and video data at the recipient is only decrypted in        exchange for payment of a user fee.    -   Here, variable user fees can be charged.    -   It is also possible to play parts of the audio and video data        (e.g. the first few seconds of a piece of music or the lead of a        film) without payment of a user fee.    -   It is possible to play any parts of the audio and video data        without payment of a user fee but with a diminished quality.    -   The encrypted audio and video data can be provided with certain        utilization rights (e.g. the number of times it can be played        and copied) as well as other additional information.    -   When the audio and video data are played, the data is likewise        not transferred unencrypted. Decryption only takes place at the        time of the so-called digital-analog conversion (D/A        conversion).    -   With the appropriate utilization rights, the recipient can        create copies of the audio and video data after payment of a        user fee.    -   These personal copies of the audio and video data are “released”        and from then on can be played without further payment of        license fees.    -   Such copies of the audio and video data that the recipient has        created after payment of a user fee cannot be readily used by        other recipients.

In order to meet these requirements, m.sec comprises the followingarchitecture:

-   -   The so-called “publisher” distributes electronic audio and video        data that is entirely or partially encrypted. (see “publisher”        in FIG. 1)    -   The recipient has an individual, personalized chip card (the        so-called m.card) which, as a cryptographic module, provides        functionalities that the recipient cannot manipulate (see        “cryptographic module at the recipient, m.card” in FIG. 1)    -   Appropriate playback and display devices (e.g. personal        computer, CD player, Walkman, TV, etc.), in conjunction with the        insertable chip card (m.card), offer the possibility to        correctly play encrypted audio and video data.

FIG. 1 shows the three possible transmission routes, designated as A, Band C:

-   -   With transmission route A (e.g. television), there is a        continuous and direct reception of the audio and video data, in        the extreme case, in an uninterrupted data stream without        beginning or end (so-called “streaming”).    -   With transmission route B, there is a remote transmission of        audio and video media (e.g. as an Internet download) as a rule,        in the form of dedicated, complete files.    -   With transmission route C, the audio and video information is        available at the recipient on physically provided audio and        video media (e.g. CDs or DVDs).

Here, the following scenarios of use are provided:

1. Playback of Transmitted Audio and Video Media (e.g. Broadcast TVProgram)

If completely or partially encrypted contents of audio and video mediaare to be received and played immediately, then the m.card serves as there-encrypting instrument between the encryption by the publisher and theplayback unit.

Here, the encryption by the publisher in the m.card is reversed by meansof decryption, the right to play is checked and the playback isinitiated. As a rule, this re-encrypting is associated with costs thatcan be administered, for example, in the cryptographic module. In FIG.1, this corresponds to the transmission route A in conjunction with themeasure at the recipient designated by the number 1), namely, immediateplayback.

2. Download and Personal Release of Audio and Video Data for SubsequentPlayback

If completely or partially encrypted contents are to be loaded, forexample, downloaded from the Internet and released for later personaluse, then the m.card serves as a re-encrypting instrument between theencryption by the publisher and the personal encryption with the m.card.As a rule, this re-encrypting is associated with costs that can beadministered, for example, in the cryptographic module. In FIG. 1, thiscorresponds to the transmission route B in conjunction with the measureat the recipient designated by the number 2), namely, the local storingof the information.

Here, the encryption by the publisher in the m.card is reversed by meansof decryption, the right to create a local copy is checked, theencryption with the m.card's own key is carried out and the generationof a copy is initiated.

3. Playback of Audio and Video Data that has Been Provided by the Authoron Physical Media

If completely or partially encrypted contents of audio and video mediaare to be played which are provided on physical media, then the m.cardserves as a re-encrypting instrument between the encryption by thepublisher and the playback unit.

Here, the encryption by the publisher in the m.card is reversed by meansof decryption, the right to play is checked and the playback isinitiated. As a rule, this re-encrypting is associated with costs thatcan be administered, for example, in the cryptographic module. In FIG.1, this corresponds to the transmission route C in conjunction with themeasure at the recipient designated by the number 1), namely, immediateplayback.

If the audio and video information is not temporarily stored in there-encrypted state as shown in Item 2 in FIG. 1, then, for purposes ofrepeated playback of the data that has not been re-encrypted, theinformation can be securely saved by means of the first-time decryptionof precisely specified audio and video data either in the cryptographicmodule itself or else outside of the cryptographic module, provided witha digital signature of the cryptographic module.

4. First and Repeated Playback of Personally Released Audio and VideoData

If contents of audio and video media that have been released andencrypted again with the m.card's own key are to be played back, thenthe m.card serves as the re-encrypting instrument. As a rule, thisre-encrypting is free of charge since a one-time fee for the release wasalready charged at the time of the original storing operation. In FIG.1, this corresponds to the measure at the recipient designated by thenumber 3), namely, later playback.

Here, the actual encryption of the m.card is reversed in the m.card bymeans of decryption and the playback is initiated.

5. Forwarding Personally Released Audio and Video Data to (Unauthorized)Third Parties

If contents of audio and video media that have been released andencrypted again with the m.card's own key are forwarded to thirdparties, then the latter does not have the possibility to decrypt them,so that the production of pirated copies is not possible. In FIG. 1,this corresponds to the measure at the recipient designated by thenumber 4), namely, forwarding to third parties.

Forwarding to third parties (optional) of released audio and video datathat can be made public again

If contents of audio and video media (e.g. for a separate fee) arereleased so that they can be made public again and if they are encryptedagain with the m.card's own key, then forwarding to third parties ispossible. For third parties, however, the possibility of decryption thenexists (e.g. for a fee), in the same manner as this is possible foraudio and video data that comes directly from publishers.

Use of Keys in the Entire System

FIG. 2 illustrates the use of keys in the entire system. In addition tothe already mentioned participating parties or system components(publisher, transmission channel/medium, cryptographic module m.card,storage and playback unit), there is now a new party, namely, thecertification authority (CA) which, as a neutral, trustworthy body or“trust center”, vouches for the issuing of keys.

The following keys are used by the parties:

The certification authority has a so-called first “main” key main₁.Encryptions with this first “main” key can be decrypted with thecounterpart to this “main” key, which is present in every m.card. The“main” key is, for example, a symmetrical key according to TDES with akey length of at least 168 bits. As an alternative, keys according toother encryption methods and with other key lengths, e.g. asymmetricalkeys with a length of 1024 bits, can also be used, whereby in the caseof asymmetrical methods, for example, the private keys are kept in thecertification authority and the public key is kept at the cryptographicmodules m.cards. In order to enhance the security, when asymmetricalkeys are used, the “public” key component in the cryptographic modulem.card is not actually made public but rather, in a likewise securemanner, it is introduced into the cryptographic module and would not beascertainable by the recipient. For security reasons, the “main” key isat least duplicated so that, if need be, the possibility exists in thecertification authority as well as in the m.cards to turn to a second oreven to additional “main” keys main₂, main_(n). In order to simplify thedescription below, regardless of whether symmetrical or asymmetricalkeys are used as the “main” key, the symmetrical variant is presentedand explained. With the asymmetrical variant, the key main₁, at thecertification authority would correspond to the private key and the keymain₁, in the cryptographic module would correspond to the matchingpublic key.

In order to encrypt their audio and video media, the individualpublishers receive a new “media” key med_(I) from the certificationauthority, for example, every year (see Step 1 in FIG. 2). Thisgenerally symmetrical key indirectly encrypts the data contents, namely,via changing “melody” keys, which is subsequently referred to as the“key melody”, (see further below for explanation). Other encryptionmethods (e.g. asymmetrical or on the basis of elliptical curves) arealso possible. Since the key med_(I) is not available for decryption inthe m.card, said key is supplied together with the data contents of theaudio and video media, in once again encrypted form. The publisher“media” key is encrypted at the certification authority with the “main”key main₁. The publisher “media” key (med_(I))_(main), which isencrypted with the “main” key, is also digitally signed by thecertification authority sig_(CA){(med_(I))_(main)}. In this process, thecertification authority creates a so-called digital fingerprint of theencrypted publisher “media” key and this digital fingerprint is thenencrypted with the private signing key of the certification authoritypriv_(CA) (see Steps 2 and 3 in FIG. 2).

In order to prevent the publisher from calculating the “main” key bymeans of crypto-analysis or by trying out all possible key combinations,through the presence of the pair consisting of the “media” key and the“media” key that was encrypted with the top-secret “main” key, thepublisher only has access to the “media” key in a cryptographic modulein such a way that the latter cannot read out the “media” key but canonly use it in accordance with the application purpose.

This signature of the certification authority is checked later in thecryptographic module m.card by the self-certificate of the certificationauthority that is saved there and that contains the public counterpartpub_(CA) of the signing key of the certification authority as well as,in turn, its signature with the signing key. As an alternative,especially if there is a lack of storage capacity in the cryptographicmodule, it is also possible for only the public key of the certificationauthority to be saved there. Likewise, in case of a lack of storagecapacity, a summary of the two key components, main₁, andpub_(CA)/priv_(CA), which are present in the certification authority andin the cryptographic module, is possible, although this lowers thesecurity level.

Data contents are now encrypted by the publisher with so-called “melody”keys that change in a time sequence (for instance, every minute orsecond), and that subsequently form the so-called “key melody”.Advantageously, these changing “melody” keys are random keys accordingto any desired, for example, symmetrical, method such as TDES with 128bits. As an alternative, other keys can also be used as random keys (seeStep 4 in FIG. 2).

In order to permit the later decryption of the data contents encryptedwith the key melody, the key melody is encrypted with the “media” key ofthe publisher med_(I) and, together with the encrypted audio and videoinformation, transmitted to the recipient via the transmission channelor medium (see Step 5 in FIG. 2). The key melody encrypted with the“media” key is called the “crypto-melody”.

The “media” key (med_(I))_(main) originally provided to the publisher bythe certification authority (see Step 6 in FIG. 2) as well as thecertificate or digital signature of the encrypted “media” keysig_(CA){(med_(I))_(main)}, likewise provided by the certificationauthority, are also transmitted to the recipient (see Step 7 in FIG. 2).

Thus, to summarize, at least the following four pieces of informationare transferred to the recipient via the transmission channel or via themedium, together with the actual audio and video information (additionalinformation can contain authorizations and utilization information suchas, for instance, prices):

-   -   Media data encrypted with the key melody: (media        data)_(key melody)    -   The key melody encrypted with the “media” key: (key        melody)_(medI)    -   The “media” key encrypted with the “main” key: (med_(I))_(main)    -   The certificate of the “media” key or the digital signature of        the “media” key created by the certification authority:        sig_(CA){(med_(I))_(main)}

Prior to the decryption of the data contents, the “media” key med_(I) isascertained in the m.card. Since this key is still in encrypted andsigned form together with the audio and video media, first of all, thecertificate or the signature of the certification authority is checkedwith the public key of the certification authority pub_(CA) that ispresent in the m.card (see Step 8 in FIG. 2). Subsequently, the “media”key is decrypted with the “main” key main₁ that is present in the m.cardand then used for the decryption operation (see Step 9 in FIG. 2).

Regardless of whether the audio and video media are to be playedimmediately or else stored temporarily, the crypto-melody is nowdecrypted into the key melody, making use of the previously decrypted“media” key (see Step 10 in FIG. 2).

This is where the advantage of using changing melody keys that make upthe key melody now becomes evident. During the course of processing thedata stream of the audio and video data, taking into account thecomputing capacity of the cryptographic module, only one media key at atime has to be processed in this module, and said key is valid for aspecific period of time. Even if one single melody key were to be madepublic, for example, by crypto-analysis or trial and error, this wouldonly have consequences for a short sequence of audio and video data thatwould then no longer be protected.

Like the “media” key, the key melody must not be read out. This isensured through the use of the cryptographic module.

If the audio and video media are to be played immediately, then first ofall, the certificate sig_(CA){pub_(re)} issued by the certificationauthority for the playback unit (or for that model of the playback unit)is transferred from the playback unit to the cryptographic module whereit is checked using the saved public key of the certification authoritypub_(CA) (see Step 11 in FIG. 2). For practical reasons, as a rule, theasymmetrical keys of the playback unit pub_(re) and priv_(re) are notindividually different pairs of keys but rather keys that are changedwith each new model of the playback unit and that are identical withineach model.

After positive verification, a random or unpredictable temporaryplayback key rdm is generated in the cryptographic module, thenencrypted with the public key of the playback unit (rdm)_(pubre) takenfrom the previously verified certificate and transferred to the playbackunit (see Step 12 in FIG. 2).

Subsequently, in the cryptographic module, the key melody is encryptedwith the playback key rdm (see Step 13 in FIG. 2) and, together with themedia data that are still encrypted, transferred to the playback unit(see Step 14 in FIG. 2). The playback key thus takes over the functionof a temporary “media” key. “Intercepting” the data exchanged betweenthe cryptographic module and the playback unit cannot be used forunauthorized pirated copies since the encrypted key melody cannot bedecrypted.

The playback key, with which the key melody can be decrypted and withwhich finally the media data can be decrypted for final playback, isdecrypted in the playback unit.

If the audio and video media are not going to be played immediately butrather first temporarily stored as a local copy, then, after anappropriate verification of the utilization rights, the unencrypted keymelody that is present in the crypto-graphic module is encrypted with a“card” key med_(card) that is individually associated with thecryptographic module and securely saved there (see Step 15 in FIG. 2).The key melody that is thus once again encrypted to form a card-specificcrypto-melody is stored, together with the media data that are stillencrypted, on any desired data medium, e.g. on the hard drive of a PC(see Step 16 in FIG. 2). This card key functions like a publisher“media” key but as a rule, in contrast to the latter, it does notaccompany the audio and video media for security reasons.

In an optional alternative, special card keys as well as the publisher“media” key, can accompany the audio and video media in encrypted form.The card key, like with the publisher “media” key, is encrypted withanother “main” key that is present in every key. By the same token, itis advantageous with this alternative to add the encrypted card key tothe audio and video media, together with a signature of a certificationauthority. Through this alternative, the audio and video media encryptedwith a card can be played via another card. In this manner, audio andvideo media can become “re-publishable”, optionally for a fee.

The use of main, media and signing keys reduces the overall risk ofcorruption of the entire system: by using relatively few “media” keys(e.g. one per publisher per year), the sensitive “main” key is used aslittle as possible, as a result of which the discovery of the key withinthe scope of crypto-analysis is made more difficult. However, even inthe actually serious event that the “main” key (which is, of course,present in every m.card) is discovered, this does not lead to a failureof the entire system since for this to happen, it would likewise benecessary to discover the well-secured signing key of the certificationauthority. Only through the interaction of the “main” key, the “media”key and the signing key is a simple and secure copy and utilizationprotection ensured.

Practical Use of Playback Units

Playback units that comply with the m.sec method can be realized asintegrated circuits and used as a replacement for or as an alternativeto existing digital-analog converters such as, for example, intelevision sets, radios, CD players, DVD players, video recorders, videocameras, projection systems, PC sound cards and PC graphic cards.

In order to allow communication with the personal crypto-graphic modulem.card, it is advantageous if the above-mentioned devices provide anappropriate communication interface. There are two alternatives here;either local communication or network-based communication to remotesystems (e.g. in the Internet).

The alternative preferred for the realization is local communication tothe cryptographic module that is configured as a microprocessor chipcard or as a dongle. The installation of a chip card reader in or on theplayback device or else a plug for inserting the dongle is likewiseadvantageous.

1. A system and a method for playing copy-protected andutilization-protected electronic audio and video media and their datacontents, whereby the data contents of the electronic media areencrypted in such a way they cannot be completely played or displayedwithout the execution of cryptographic processes, characterized in that,for playing purposes, a playback unit decrypts the data contents ofelectronic audio and video media that are supplied in entirely orpartially encrypted or enciphered form by means of one or more “melody”keys for encrypting the data contents, said key being transmitted via asecure channel from an authentic source into the playback unit, and thensaid playback unit transfers these data contents from the digital domaininto the analog domain in such a way that the data contents of theelectronic audio and video media are not present at any point in time inunencrypted form as a digital data stream that can be copied.
 2. Themethod according to claim 1, characterized in that the transmission ofthe “melody” key or keys via a secure channel is secured by means ofcryptographic encryption or enciphering.
 3. The method according toclaim 1, characterized in that the encryption or enciphering for thesecure transmission of the “melody” key or keys used for decrypting ordeciphering the data contents is carried out by means of a “media” keythat was received from a reliable, authentic source.
 4. The methodaccording to claim 1, characterized in that the “media” key used fordecrypting or deciphering the “melody” key used for decrypting ordeciphering the data contents is a “playback” key that is not usedregularly for playing the appertaining data contents.
 5. The methodaccording to claim 1, characterized in that the exchange of the“playback” key between the authentic source and the playback unit issecured by a certificate of a reliable certification authority that canbe verified by the opposite party.
 6. The method according to claim 1,characterized in that the authentic source of the key is a cryptographicmodule that, after a decryption or deciphering of the electronic audioand video information stemming from the author, producer, processor ordistributor or else their keys, once again encrypts or enciphers thisinformation in such a way that only a playback unit can decrypt ordecipher it.
 7. The method according to claim 1, characterized in thatthe “playback” key that is used in the cryptographic module subsequentto a re-encrypting process for encrypting or enciphering the electronicaudio and video media or else the key for decrypting or deciphering theelectronic audio and video media is transferred in advance reliably andauthentically from the cryptographic module to the playback unit.
 8. Themethod according to claim 1, characterized in that the “playback” keythat is used in the cryptographic module for encrypting or encipheringthe “melody” key or keys is generated in advance by the cryptographicmodule according to the random principle or according to algorithms thatmake them more difficult to predict.
 9. The method according to claim 1,characterized in that the keys of the playback unit that are used in thecryptographic module for encrypting or enciphering the “playback” keyfor transmission to the playback unit differ from one playback unit tothe next.
 10. The method according to claim 1, characterized in that thetwo data streams of the encrypted audio and video media on the one hand,and the “melody” key or keys that are to be decrypted with the decrypted“playback” key on the other hand, only meet each other during the courseof the actual digital-analog conversion so that a decrypted digital datastream of the audio and video data is not present.
 11. The methodaccording to claim 1, characterized in that the shift registers used forthe digital-analog conversion are constructed in such a way that, inorder to convert their contents representing the audio and videosignals, they need calibration information that is formed by thedecrypted “melody” keys.